Howto hostapd: Difference between revisions

From Vidalinux Wiki
Jump to navigation Jump to search
 
(33 intermediate revisions by the same user not shown)
Line 1: Line 1:
= references =  
= network manager =
set wlan0 to unmanaged by networkmanager:
cat > /etc/NetworkManager/conf.d/99-unmanaged-devices.conf << EOF
[keyfile]
unmanaged-devices=interface-name:wlan0
EOF
restart network manager:
systemctl restart NetworkManager
= configure wlan0 =
set wlan0 ip address:
iw dev wlan0 set type managed
iw wlan0 set power_save off
ip link set dev wlan0 up
ip addr add 192.168.10.1/24 dev wlan0
 
= install hostapd =
install latest version:
yay -s hostapd-git
configuration for wifi6e on 6ghz:
cat > /etc/hostapd/hostapd.conf << EOF
###################################################################
# HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC    #
#                                                                #
# Requirements for WiFi-6e (ieee80211ax) on 6GHz:                #
# - WPA3 for authentication                                      #
# - SAE key management required for WPA3                          #
# - Management Frame Protection required for WPA3                #
# - Radar awareness required for some RegDomains on 5GHz and 6GHz #
# - WME/WMM required                                              #
###################################################################
ctrl_interface=/var/run/hostapd
driver=nl80211
# interface
interface=wlan0
# country code
country_code=DE
ieee80211d=1
# ssid
ssid=mandulete
# wifi6e protocol ax mode
ieee80211ax=1
# indoor only ap
he_6ghz_reg_pwr_type=0
# multimedia extentions
wme_enabled=1
wmm_enabled=1
# frecuency band and channel
hw_mode=a
channel=1
op_class=134
he_oper_centr_freq_seg0_idx=15
# enforce management frame protection
ieee80211w=2
beacon_prot=1
# radar detection
ieee80211h=1
enable_background_radar=1
# authentication
wpa=2
wpa_key_mgmt=SAE
auth_algs=1
rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
group_mgmt_cipher=AES-128-CMAC
sae_password=vidalinux123
# wmm parameters
tx_queue_data3_aifs=7
tx_queue_data3_cwmin=15
tx_queue_data3_cwmax=1023
tx_queue_data3_burst=0
# Normal priority / AC_BE = best effort
tx_queue_data2_aifs=3
tx_queue_data2_cwmin=15
tx_queue_data2_cwmax=63
tx_queue_data2_burst=0
# High priority / AC_VI = video
tx_queue_data1_aifs=1
tx_queue_data1_cwmin=7
tx_queue_data1_cwmax=15
tx_queue_data1_burst=3.0
# Highest priority / AC_VO = voice
tx_queue_data0_aifs=1
tx_queue_data0_cwmin=3
tx_queue_data0_cwmax=7
tx_queue_data0_burst=1.5
# Quality of Service (QoS) parameters
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# beamforming capabilities
he_mu_beamformer=1
he_su_beamformee=1
he_su_beamformer=1
EOF
settings for wifi7:
ieee80211be=1
disable_11be=0
eht_su_beamformer=1
eht_su_beamformee=1
eht_mu_beamformer=1
start hostapd deamon:
hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf
 
= install dhcp server =
install dhcp server package:
pacman -S dhcp
configure dhcp server:
shared-network DHCP {
        subnet 192.168.10.0 netmask 255.255.255.0 {
                range 192.168.10.100 192.168.10.10;
                option broadcast-address 192.168.10.255;
                option routers 192.168.10.1;
                option subnet-mask 255.255.255.0;
                option domain-name-servers 4.2.2.1, 4.2.2.2;
                default-lease-time 600;
                max-lease-time 7200;
  }
}
start dhcp server on wlan0 interface:
dhcpd wlan0
= iptables rules =
set iptables rules for sharing internet to wlan0:
cat > /usr/local/bin/sharenetwlan << EOF
#!/bin/bash
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
iptables -A FORWARD -d 192.168.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
echo 1 >/proc/sys/net/ipv4/conf/all/forwarding
EOF
set permissions to script:
chmod +x /usr/local/bin/sharenetwlan
execute script:
/usr/local/bin/sharenetwlan
 
= speed test =
install iperf3 on server and client:
pacman -Sy iperf3 --noconfirm
start iperf3 service on server:
iperf3 -s
on client connect to server using iperf3:
iperf3 -c 192.168.10.1 -p 5201
you should see somehing like this:
Connecting to host 192.168.10.1, port 5201
[  5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201
[ ID] Interval          Transfer    Bitrate        Retr  Cwnd
[  5]  0.00-1.00  sec  128 MBytes  1.08 Gbits/sec    0  1.10 MBytes     
[  5]  1.00-2.00  sec  59.2 MBytes  497 Mbits/sec    1  1.32 MBytes     
[  5]  2.00-3.00  sec  47.0 MBytes  394 Mbits/sec    1  1.11 MBytes     
[  5]  3.00-4.00  sec  46.8 MBytes  392 Mbits/sec    3    908 KBytes     
[  5]  4.00-5.00  sec  49.1 MBytes  412 Mbits/sec    2  1.06 MBytes     
[  5]  5.00-6.00  sec  41.0 MBytes  344 Mbits/sec    2    631 KBytes     
[  5]  6.00-7.00  sec  92.1 MBytes  773 Mbits/sec    0    783 KBytes     
[  5]  7.00-8.00  sec  134 MBytes  1.13 Gbits/sec    0    962 KBytes     
[  5]  8.00-9.00  sec  129 MBytes  1.08 Gbits/sec    0    962 KBytes     
[  5]  9.00-10.00  sec  132 MBytes  1.11 Gbits/sec    0    962 KBytes     
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval          Transfer    Bitrate        Retr
[  5]  0.00-10.00  sec  859 MBytes  721 Mbits/sec    9            sender
[  5]  0.00-10.00  sec  857 MBytes  718 Mbits/sec                  receiver
iperf Done.
= enable 5ghz band support on intel wireless chips  =
download iwlwifi-lar-disable-dkms:
yay -G iwlwifi-lar-disable-dkms
edit pkgbuild change kernel based on your version:
pkgver=6.9.8
build package:
makepkg -si
edit /etc/default/grub:
GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet iwlwifi.lar_disable=Y"
commit changes:
grub-mkconfig -o /boot/grub/grub.cfg
mkinitcpio -P
 
= references =
* https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode
* https://github.com/morrownr/USB-WiFi/tree/main/home/AP_Mode
* https://github.com/morrownr/USB-WiFi/blob/main/home/USB_WiFi_Chipsets.md
* https://github.com/morrownr/USB-WiFi/issues/431
* https://github.com/morrownr/USB-WiFi/issues/431
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
* https://github.com/drozdi70/bananapi_bpir4/blob/main/conf_files_bpi_router_6.10_trixie.zip
* https://forum.openwrt.org/t/banana-bpi-r4-wifi7-status/201051/24
* https://community.frame.work/t/guide-successful-wi-fi-7-802-11be-on-framework-13-amd-with-qualcomm-qcncm865-and-arch-linux/44723
* https://forum.openwrt.org/t/banana-bpi-r4-how-to-wnc7851-ncm865/197141/25
* https://vyos.dev/T6320
* https://gist.github.com/iffa/290b1b83b17f51355c63a97df7c1cc60
* https://variwiki.com/index.php?title=Wifi_NetworkManager#Creating_WiFi_AP
* https://wiki.archlinux.org/title/Network_configuration/Wireless#Respecting_the_regulatory_domain
* https://superuser.com/questions/809282/wifi-5ghz-ap-mode-what-does-no-ir-means-and-can-i-bypass-it
* https://github.com/vanhoefm/hostap-wpa3
* https://wikidevi.wi-cat.ru/Main_Page
* https://www.netally.com/wifi-solutions/wifi-7-promises-to-achieve-up-to-46gbps-speeds/

Latest revision as of 01:45, 13 September 2024

network manager

set wlan0 to unmanaged by networkmanager:

cat > /etc/NetworkManager/conf.d/99-unmanaged-devices.conf << EOF
[keyfile]
unmanaged-devices=interface-name:wlan0
EOF

restart network manager:

systemctl restart NetworkManager

configure wlan0

set wlan0 ip address:

iw dev wlan0 set type managed
iw wlan0 set power_save off
ip link set dev wlan0 up
ip addr add 192.168.10.1/24 dev wlan0

install hostapd

install latest version:

yay -s hostapd-git

configuration for wifi6e on 6ghz:

cat > /etc/hostapd/hostapd.conf << EOF
###################################################################
# HostAPd configuration for WiFi-6e for a MEDIATEK mt7925 NIC     #
#                                                                 #
# Requirements for WiFi-6e (ieee80211ax) on 6GHz:                 #
# - WPA3 for authentication                                       #
# - SAE key management required for WPA3                          #
# - Management Frame Protection required for WPA3                 #
# - Radar awareness required for some RegDomains on 5GHz and 6GHz #
# - WME/WMM required                                              #
###################################################################
ctrl_interface=/var/run/hostapd
driver=nl80211

# interface
interface=wlan0
# country code
country_code=DE
ieee80211d=1
# ssid
ssid=mandulete
# wifi6e protocol ax mode
ieee80211ax=1
# indoor only ap
he_6ghz_reg_pwr_type=0
# multimedia extentions 
wme_enabled=1
wmm_enabled=1
# frecuency band and channel
hw_mode=a
channel=1
op_class=134
he_oper_centr_freq_seg0_idx=15
# enforce management frame protection
ieee80211w=2
beacon_prot=1
# radar detection
ieee80211h=1
enable_background_radar=1
# authentication
wpa=2
wpa_key_mgmt=SAE
auth_algs=1
rsn_pairwise=CCMP CCMP-256 GCMP GCMP-256
group_mgmt_cipher=AES-128-CMAC
sae_password=vidalinux123
# wmm parameters 
tx_queue_data3_aifs=7
tx_queue_data3_cwmin=15
tx_queue_data3_cwmax=1023
tx_queue_data3_burst=0
# Normal priority / AC_BE = best effort
tx_queue_data2_aifs=3
tx_queue_data2_cwmin=15
tx_queue_data2_cwmax=63
tx_queue_data2_burst=0
# High priority / AC_VI = video
tx_queue_data1_aifs=1
tx_queue_data1_cwmin=7
tx_queue_data1_cwmax=15
tx_queue_data1_burst=3.0
# Highest priority / AC_VO = voice
tx_queue_data0_aifs=1
tx_queue_data0_cwmin=3
tx_queue_data0_cwmax=7
tx_queue_data0_burst=1.5
# Quality of Service (QoS) parameters
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
# Logging
logger_stdout=-1
logger_stdout_level=0
logger_syslog=-1
logger_syslog_level=0
# beamforming capabilities 
he_mu_beamformer=1
he_su_beamformee=1
he_su_beamformer=1
EOF

settings for wifi7:

ieee80211be=1
disable_11be=0
eht_su_beamformer=1
eht_su_beamformee=1
eht_mu_beamformer=1

start hostapd deamon:

hostapd -t -d -P /var/run/wlan0.pid /etc/hostapd/hostapd.conf

install dhcp server

install dhcp server package:

pacman -S dhcp

configure dhcp server:

shared-network DHCP {
       subnet 192.168.10.0 netmask 255.255.255.0 {
               range 192.168.10.100 192.168.10.10;
               option broadcast-address 192.168.10.255;
               option routers 192.168.10.1;
               option subnet-mask 255.255.255.0;
               option domain-name-servers 4.2.2.1, 4.2.2.2;
               default-lease-time 600;
               max-lease-time 7200;
 }
}

start dhcp server on wlan0 interface:

dhcpd wlan0

iptables rules

set iptables rules for sharing internet to wlan0:

cat > /usr/local/bin/sharenetwlan << EOF
#!/bin/bash
iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -o eth0 -j MASQUERADE
iptables -A FORWARD -s 192.168.10.0/24 -o eth0 -j ACCEPT
iptables -A FORWARD -d 192.168.10.0/24 -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
echo 1 >/proc/sys/net/ipv4/conf/all/forwarding
EOF

set permissions to script:

chmod +x /usr/local/bin/sharenetwlan

execute script:

/usr/local/bin/sharenetwlan

speed test

install iperf3 on server and client:

pacman -Sy iperf3 --noconfirm

start iperf3 service on server:

iperf3 -s

on client connect to server using iperf3:

iperf3 -c 192.168.10.1 -p 5201

you should see somehing like this:

Connecting to host 192.168.10.1, port 5201
[  5] local 192.168.10.34 port 39000 connected to 192.168.10.1 port 5201
[ ID] Interval           Transfer     Bitrate         Retr  Cwnd
[  5]   0.00-1.00   sec   128 MBytes  1.08 Gbits/sec    0   1.10 MBytes       
[  5]   1.00-2.00   sec  59.2 MBytes   497 Mbits/sec    1   1.32 MBytes       
[  5]   2.00-3.00   sec  47.0 MBytes   394 Mbits/sec    1   1.11 MBytes       
[  5]   3.00-4.00   sec  46.8 MBytes   392 Mbits/sec    3    908 KBytes       
[  5]   4.00-5.00   sec  49.1 MBytes   412 Mbits/sec    2   1.06 MBytes       
[  5]   5.00-6.00   sec  41.0 MBytes   344 Mbits/sec    2    631 KBytes       
[  5]   6.00-7.00   sec  92.1 MBytes   773 Mbits/sec    0    783 KBytes       
[  5]   7.00-8.00   sec   134 MBytes  1.13 Gbits/sec    0    962 KBytes       
[  5]   8.00-9.00   sec   129 MBytes  1.08 Gbits/sec    0    962 KBytes       
[  5]   9.00-10.00  sec   132 MBytes  1.11 Gbits/sec    0    962 KBytes       
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   859 MBytes   721 Mbits/sec    9             sender
[  5]   0.00-10.00  sec   857 MBytes   718 Mbits/sec                  receiver

iperf Done.

enable 5ghz band support on intel wireless chips

download iwlwifi-lar-disable-dkms:

yay -G iwlwifi-lar-disable-dkms

edit pkgbuild change kernel based on your version:

pkgver=6.9.8

build package:

makepkg -si

edit /etc/default/grub:

GRUB_CMDLINE_LINUX_DEFAULT="loglevel=3 quiet iwlwifi.lar_disable=Y"

commit changes:

grub-mkconfig -o /boot/grub/grub.cfg
mkinitcpio -P

references